On 01/27/2010 05:44 PM, Adam Gregory wrote:
This is more a server security issue rather than a Drupal one. I've seen
this happen with Drupal, Joomla, Wordpress and custom PHP code. It
really most likely means that access to the server/host was compromised
at some point.

There are lots of things that can be done to prevent this, like
chmod/own-ing your file system correctly (as Gerhard touched on). This is
also a good reason to use SFTP rather than FTP, as passwords in SFTP are
sent encrypted and FTP are not, leaving them open to a *man-in-the-middle
attack.*

Ultimately, though, it's a good example of how Drupal can only go so far
in keeping itself secure, but there are still plenty of other ways
outside Drupal's area of responsibility that your site can be compromised.
-----
Adam A. Gregory
Drupal Developer & Consultant
Web: AdamAGregory.com
Twitter: twitter.com/adamgregory <http://twitter.com/adamgregory>
Phone: 910.808.1717
Cell: 706.761.7375


On Wed, Jan 27, 2010 at 6:53 AM, Fred Jones <[email protected]> wrote:

     > I also wonder whether Drupal could be adjusted so as to automatically set
     > file bootstrap.inc, and perhaps other critical ones, as read-only. So far it
     > is done only with settings.php file.

    Well if they did it via FTP, that wouldn't help...

    F



Yeah, this is more of a server security related thing. The server must have been open at some port, probably FTP, with insecure settings.

--
Nilesh Govindarajan
Site & Server Administrator
www.itech7.com
